Novell® Sentinel™
Deployment Made Simple, Ease to Use
Sentinel delivers a centralized Event Source Management framework. With the lack of industry logging standards, using adaptable and flexible technology is central to being able to see events from all your data sources. Sentinel's architecture leverages interpretive collectors for data parsing and normalization, filtering, and enrichment in order to integrate all the data into one simple view. The framework takes the data from the source system, performs the transformations and presents the events for later analysis, visualization and reporting purposes. This makes deploying Sentinel easier and quicker, enabling you to begin realizing value sooner.
The Event Source Management (ESM) user interface allows you to manage and monitor connections between Sentinel and its 3rd party event sources. This framework enables all aspects of configuring, deploying, managing, and monitoring data collectors for a broad set of systems, including:
- databases
- operating systems
- directories
- firewalls
- intrusion detection/prevention systems
- anti-virus applications
- mainframes
- web and application servers
- plus many more.
Connectors and Collectors work in conjunction to obtain raw log data, parse the data and deliver a richer event stream before events are correlated and analyzed and sent to the database. Through ESM, you may:
- Import/Export Connectors and Collectors from/to the centralized repository available in ESM
- Add/Edit connections to event sources through the Configuration wizards
- View the real-time status of the connections to event sources
- Monitor data flowing through the Collectors and Connectors
Recommended Reading
For more information see: Novell Sentinel 6 Architectural Overview Whitepaper